package com.bw.controller;

import com.bw.entity.User;
import com.bw.mapper.UserMapper;
import org.spring.kun.common.Md5Utils;
import org.spring.kun.common.TokenUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;

@Controller
public class LoginController {

    @Autowired
    UserMapper userMapper;

    @RequestMapping("/loginPage.do")
    public String loginPage() {

        return "login";
    }

    @RequestMapping("/login.do")
    public String login(@Valid User loginUser, BindingResult result, Model model, HttpServletRequest request, HttpServletResponse response) {
        // 1. 非空验证
        if (result.hasErrors()) {
            model.addAttribute("error", result.getAllErrors().get(0).getDefaultMessage());

            return "login";
        }
        //2. 用户名是否存在
        User userFromDB = userMapper.selectByName(loginUser.getName());

        if (userFromDB == null){
            model.addAttribute("error", "用户不存在");
            return "login";
        }
        // 3. 密码是否正确
        String loginUserPassword = loginUser.getPassword();// 用户输入的密码
        String salt = userFromDB.getSalt(); //数据库里的盐
        String dbPassword = userFromDB.getPassword(); // 数据库里的密码

        String md5String = Md5Utils.getMD5String(loginUserPassword + salt); //加密用户输入的密码 和数据库的盐

        if (!md5String.equals(dbPassword)){
            model.addAttribute("error", "密码错误");
            return "login";
        }

        // 4.  加密用户  制作token  ，把token放入cookie  ，把cookie返回个浏览器
        TokenUtils.responseTokenByCookie(userFromDB,response);

        return "redirect:list.do";
    }

}
